Overview

overview

10

Static

static

3

0309642241...18.dll

windows7-x64

10

0309642241...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    03096422415d2c4c983d39eb6b290145_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240427-menppahb9t

  • MD5

    03096422415d2c4c983d39eb6b290145

  • SHA1

    97f3e8e2eee42c0016e4483ed291cac4aab1fce7

  • SHA256

    4d29758ba37b2e04b17ced84f9662b2afe2ea2a0253c344fa2ae2cc519812abf

  • SHA512

    77ae845aa662d8f9ecdee86fda1002ebbf5c851580a1365e01d385f87a25f5e2dff471645a426779ffe0002a1196165bffcb1a6b0a38e1a463993a6188a95c96

  • SSDEEP

    49152:SnAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAARdhnvxJM0H9:+DqPoBhz1aRxcSUDk36SAEdhvxWa9

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      03096422415d2c4c983d39eb6b290145_JaffaCakes118

    • Size

      5.0MB

    • MD5

      03096422415d2c4c983d39eb6b290145

    • SHA1

      97f3e8e2eee42c0016e4483ed291cac4aab1fce7

    • SHA256

      4d29758ba37b2e04b17ced84f9662b2afe2ea2a0253c344fa2ae2cc519812abf

    • SHA512

      77ae845aa662d8f9ecdee86fda1002ebbf5c851580a1365e01d385f87a25f5e2dff471645a426779ffe0002a1196165bffcb1a6b0a38e1a463993a6188a95c96

    • SSDEEP

      49152:SnAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAARdhnvxJM0H9:+DqPoBhz1aRxcSUDk36SAEdhvxWa9

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3315) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks